0nb.7z [2026]

: Attackers used compromised email accounts to send malicious archives. These attacks utilized homoglyph attacks , where visually similar characters are used to deceive users into opening malicious files.

: The campaign primarily targeted governmental and civilian organizations in Ukraine as part of the Russo-Ukrainian conflict. 0NB.7z

: Analysis from ThreatLocker highlights that attackers prefer tools like 7-Zip because they are often pre-approved in corporate environments, making it difficult for standard antivirus software to flag their use as malicious. : Attackers used compromised email accounts to send

: Older community discussions, such as those on Reddit , have debated the cryptographic implementation in 7-Zip, though many reported "flaws" were later deemed low-risk or debunked by the developer. such as those on Reddit